Your message dated Wed, 29 Apr 2015 16:10:37 +0000
with message-id <[email protected]>
and subject line Bug#783077: fixed in vsftpd 3.0.2-19
has caused the Debian Bug report #783077,
regarding Defaults for "listen" differ from what the man page says; may break
upgrades
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
783077: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=783077
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Severity: important
Package: vsftpd
Version: 3.0.2-17
The vsftpd.conf(5) manual page says that the default value for the
"listen" configuration file option is "NO" but in reality it's "YES",
as we can see from the line 185 in tunables.c:
tunable_listen = 1;
What's worse, this seems to be a change introduced during the Jessie
development cycle as on the box I've upgraded to Jessie (to vsftpd
3.0.2-17) I had both "listen" and "listen_v6" commented out and using
inetd for running vsftpd. The upgrade stopped vsftpd from functioning
as it tried to open its port 20 for listening after being spawned by
inetd, and failed, reporting "500 OOPS: could not bind listening IPv4
socket" to the connected client.
Hence what I would propose is to revert the change enabling "listen" by
default to not break upgrades for those who relied on the defaults as
they were in Wheezy and is running vsftpd via inetd.
Otherwise, the manual page should be fixed and supposedly NEWS.Debian
updated as well.
I tried to locate the vsftpd's source code repository, but failed; the
Debian's Git repo contains only the most recent version, 3.0.2, in its
"upstream" branch so I have no idea how should I try to see whether
vsftpd itself had its defaults for the "listen" option changed since
the version packaged in Wheezy. The changelog available on the
upstream website only mentions the word "listen" in the entry for some
very old version -- much older than that in Wheezy.
----
(The following text discusses a problem supposedly tangential to the
essense of my bug report but including it anyway.)
The closest existing Debian bug I've managed to find is
#574837 [1] which basically amounted with tinkering with the
configuration file while not touching the code,
and the code currently has
tunable_listen = 1;
tunable_listen_ipv6 = 0;
While this might not relate to the problem at hand, I reckon the patch
applied from #574837 should also be extended to reverse the values of
the affected options in tunables.c, as I indicated above.
1. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=574837
--- End Message ---
--- Begin Message ---
Source: vsftpd
Source-Version: 3.0.2-19
We believe that the bug you reported is fixed in the latest version of
vsftpd, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Jörg Frings-Fürst <[email protected]> (supplier of updated vsftpd
package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Tue, 21 Apr 2015 21:48:08 +0200
Source: vsftpd
Binary: vsftpd vsftpd-dbg
Architecture: source amd64
Version: 3.0.2-19
Distribution: unstable
Urgency: medium
Maintainer: Jörg Frings-Fürst <[email protected]>
Changed-By: Jörg Frings-Fürst <[email protected]>
Description:
vsftpd - lightweight, efficient FTP server written for security
vsftpd-dbg - lightweight, efficient FTP server written for security (debug)
Closes: 783077
Changes:
vsftpd (3.0.2-19) unstable; urgency=medium
.
* vsftpd.postrm:
- Replace fixed path with a POSIX-compliant shell function to check
the existence of a command.
* New debian/patches/0055-set_default_listen.patch (Closes: #783077):
- Set the default value of tunable_listen to the same value of
listen in the manpage vsftpd.conf.5.
* Rewrite bug script:
- debian/vsftpd.bug-script: Replace dialog with yesno.
- debian/control: Remove dialog from Depends.
Checksums-Sha1:
5c048c317e39e7cb34eb2b3e83afa54f398cbbd4 1957 vsftpd_3.0.2-19.dsc
69a609a9a39a7952fdffb70abfb2bcbbb2df285e 152756 vsftpd_3.0.2.orig.tar.xz
6021cfa2ff4486bbb3eb329761ec9ec3a3972b86 31912 vsftpd_3.0.2-19.debian.tar.xz
b8e02f0113256dfbbef268ce345416dafdcf449e 151288 vsftpd_3.0.2-19_amd64.deb
371b2b0755fb418134e96c4bb6e3a907fcbcd2fc 222258 vsftpd-dbg_3.0.2-19_amd64.deb
Checksums-Sha256:
c70c71395e9937acc59121abcbda92fd211f7eef08993807023cbf9c80c3b535 1957
vsftpd_3.0.2-19.dsc
b19b19125925d307f713853e59df98c9bccae0279b22df1c586fb608363f7cd1 152756
vsftpd_3.0.2.orig.tar.xz
0c42f2503cbf1773168e9efd32c8053abd0ce8de89154cb7c8de5167c94ff4b6 31912
vsftpd_3.0.2-19.debian.tar.xz
d0cbfa42f95419db84bfb22e0e6c641e501b321b17c8865637c9b79c85ee09f6 151288
vsftpd_3.0.2-19_amd64.deb
aaa714e22cc98f4692d422abb31ea219e0bb54b0aedd3b3f419caea47d1d62df 222258
vsftpd-dbg_3.0.2-19_amd64.deb
Files:
e2da0953147d08146eda63431841e0c3 1957 net extra vsftpd_3.0.2-19.dsc
24f83e528020c847777d5030d0ec15fe 152756 net extra vsftpd_3.0.2.orig.tar.xz
8460d4af9f3e8aa77f57c9e85b3abe27 31912 net extra vsftpd_3.0.2-19.debian.tar.xz
a5cccdae35f8d4515aa53fe015525001 151288 net extra vsftpd_3.0.2-19_amd64.deb
0edc7dabc68da5176c4dfc39052ed7fd 222258 debug extra
vsftpd-dbg_3.0.2-19_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCAAGBQJVQOKdAAoJEHQmOzf1tfkTy40QALXR0dw/X9K43cRzDwEI/vML
Fpqmv3Ss2HhJ5dmljJZlPUrr4ZjCkOcLkACwXi0lU6sova90YP9aO89fUGDSbFk8
x2ekL95eg2XRmWzs6fUTK6Mr1vjmElgs5KTi6/T6MMnu87C7xXfxUz0RDl4FL7cF
fuKn/djVufDVLrSNXu0y49iwoIVAbfAHlq5Q3CQGbaM+vEoyO/anxSwGaY7j+oJO
VZFo+cCms7aNudo4ekV7/3eM6zzTcdBzpN3SjHMnMnfshXleiyq1qPDM/YnLgSiW
ZbbD2azm14NVC9fMS85YY8JKlzTs5jmdURs7RZX2CmInjObGSV3S7IK+tXyAOAp/
na5Fk/JqOyFosPe0T4nAvlv5hIewZSuujy1d/LAstRBxeR3qXrVTtk1laH2Bb1UI
riF9aiXbIkivFcSL0E1FB/q+L+9LgHEKlMcMcqd+wrTw51pgy/7i1/819iaj1scH
zibnqzWPp0ybAUK+hwLeFn+qpR9sAnM+kENiYcvQjxksSTOmt2SBXuxt0PlfbSL7
RU9FtJCSiR1lNSv3QrF71rQpyp1etN//UhZl5a1L/HPI1+kr+fjKGuXp8IW3VKXv
s8A7hPv93jJGJbjxEpLt3IczvWwTZ3MG8/YaHvlljg6QG5A5Wy1lWGp6vw1mn6wH
vqTr78tpO4MZktNq9V7Z
=5+kC
-----END PGP SIGNATURE-----
--- End Message ---
